Ticket #12470: 12670_messages_base64.diff

File 12670_messages_base64.diff, 2.8 KB (added by tobias, 6 years ago)

base64-encode message payload in CookieStorage to escape special characters and reliably predict cookie size

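--- a/django/contrib/messages/storage/cookie.py
+++ b/django/contrib/messages/storage/cookie.py
@@ -1,4 +1,5 @@
 import hmac
+import base64
 
 from django.conf import settings
 from django.utils.hashcompat import sha_hmac
@@ -114,7 +115,7 @@
         """
         if messages or encode_empty:
             encoder = MessageEncoder(separators=(',', ':'))
-            value = encoder.encode(messages)
+            value = base64.b64encode(encoder.encode(messages))
             return '%s$%s' % (self._hash(value), value)
 
     def _decode(self, data):
@@ -133,7 +134,8 @@
                 try:
                     # If we get here (and the JSON decode works), everything is
                     # good. In any other case, drop back and return None.
-                    return json.loads(value, cls=MessageDecoder)
+                    return json.loads(base64.b64decode(value),
+                                      cls=MessageDecoder)
                 except ValueError:
                     pass
         # Mark the data as used (so it gets removed) since something was wrong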
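Review bot: The `except ValueError:` in `_decode` does not cover every failure of the new `base64.b64decode(value)` call. On Python 2, which this code appears to target (it imports `django.utils.hashcompat`), `b64decode` raises `TypeError` for incorrectly padded input. A cookie written before this change carries a valid hash over plain JSON, so, assuming the hash comparison sits in the lines above this hunk, it would reach the decode and raise instead of being dropped. Widening the handler to `except (ValueError, TypeError):` keeps the behaviour the existing comment promises ("drop back and return None"). Base64 is only an encoding here; integrity still rests on `self._hash(value)`, which is computed over the encoded string, and the body of `_decode` starts outside the hunk.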
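--- a/django/contrib/messages/tests/cookie.py
+++ b/django/contrib/messages/tests/cookie.py
@@ -70,14 +70,18 @@
         response = self.get_response()
 
         for i in range(5):
-            storage.add(constants.INFO, str(i) * 900)
+            # 1.33 = increase in size due to base64 encoding
+            # 4k = max cookie size
+            # 675 * 4 * 1.33 = 3591
+            # 675 * 5 * 1.33 = 4489
+            storage.add(constants.INFO, str(i) * 675)
         unstored_messages = storage.update(response)
 
         cookie_storing = self.stored_messages_count(storage, response)
         self.assertEqual(cookie_storing, 4)
 
         self.assertEqual(len(unstored_messages), 1)
-        self.assert_(unstored_messages[0].message == '0' * 900)
+        self.assert_(unstored_messages[0].message == '0' * 675)
 
     def test_json_encoder_decoder(self):
         """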
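Review bot: Neither test change exercises what the patch is for: no message containing the special characters the description mentions is round-tripped through the cookie, and no case feeds `_decode` a correctly signed payload that is not valid base64, such as a cookie written before the upgrade. Adding both would pin the new encoding and its failure path. Separately, the size comments in the loop (repeated in `tests/fallback.py`) multiply only the message text by 1.33 and leave out the JSON framing and the hash prefix, so `675` passes by margin rather than by calculation; a comment such as `# estimate only: excludes JSON overhead and the hash prefix` would make that explicit. `self.assert_(unstored_messages[0].message == '0' * 675)` would report more on failure as `self.assertEqual(unstored_messages[0].message, '0' * 675)`. The test method starts above the visible lines.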
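--- a/django/contrib/messages/tests/fallback.py
+++ b/django/contrib/messages/tests/fallback.py
@@ -148,7 +148,11 @@
         response = self.get_response()
 
         for i in range(5):
-            storage.add(constants.INFO, str(i) * 900)
+            # 1.33 = increase in size due to base64 encoding
+            # 4k = max cookie size
+            # 675 * 4 * 1.33 = 3591
+            # 675 * 5 * 1.33 = 4489
+            storage.add(constants.INFO, str(i) * 675)
         storage.update(response)
 
         cookie_storing = self.stored_cookie_messages_count(storage, response)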